<?php
/**
 * Session library
 *
 * This library contains all code needed to handle
 * logging an user both in and out.
 * @package Packages
 */

/**
 *
 */
require_once(AD_SERVER_PATH . '/pkgs/auth.php');
require_once(AD_SERVER_PATH . '/pkgs/crypter.php');
require_once(AD_SERVER_PATH . '/pkgs/logger.php');
require_once(AD_SERVER_PATH . '/pkgs/server.php');
require_once(AD_SERVER_PATH . '/pkgs/utils.php');

/**
 * Session library
 *
 * This library contains all code needed to handle
 * logging an user both in and out.
 * @package Packages
 */
class CSession
{
	/**
	 * Execute
	 *
	 * Grabs user command and executes it.
	 */
	public function execute()
	{
		$sub_cmd = strtolower(CUtils::get_param('sub_cmd'));
		switch ($sub_cmd)
		{
			case 'login':
				$this->_do_login();
				break;

			case 'logout':
				$this->_do_logout();
				break;

			default:
				$this->_do_service();
				break;
		}
	}

	/**
	 * Logout user
	 *
	 * Destroys user cookie and reloads page
	 */
	private function _do_logout()
	{
		CLogger::log('INFO', CUtils::get_param('AD_RETS_U'), 'User logged out.');

		$exp = time() - (365 * 24 * 60 * 60);
		CUtils::set_cookie('AD_RETS_U', '', $exp);
		CUtils::set_cookie('AD_RETS_P', '', $exp);
		CUtils::set_cookie('mls_system', '', $exp);

		header('Location: index.php');
	}

	/**
	 * Login user
	 *
	 * Sets user cookie and sets success message.
	 */
	private function _do_login()
	{
		$result = '{success:false}';

		$user = CUtils::get_param('user');
		$pass = CUtils::get_param('pwd');
		$mls  = CUtils::get_param('mls_system');

		CUtils::set_cookie('mls_system', $mls);

		CLogger::log('DEBUG', $user, 'Attempting to login; user: ' . $user . ', password: ' . $pass . ',MLS: ' . $mls);

		$auth_obj = new CAuth();
		$allowed = $auth_obj->is_allowed($user);
		if ($allowed == 'BANNED')
		{
			$result = '{success:false, msg:"' . ERR_BANNED_USER . '"}';
		}
		else if ($allowed == 'TEMP_BAN')
		{
			$result = '{success:false, msg:"' . ERR_ABUSIVE_LOGIN . '"}';
		}
		else if (null == CUtils::get_rets($user, $pass))
		{
			$result = '{success:false, msg:"' . ERR_INVALID_LOGIN . '"}';
		}
		else //
		{
			$auth_obj->clean_attempt($user);
			CUtils::set_cookie('AD_RETS_U', $user);
			CUtils::set_cookie('AD_RETS_P', $pass);
			CLogger::log('INFO', $user, 'User logged in.');
			$result = '{success:true}';
		}
		CLogger::log('DEBUG', $user, $result);

		echo $result;
	}

	/**
	 * Test is user is logged in
	 *
	 * Validate that user is currently logged into the site.
	 * @return bool
	 */
	private function _is_logged_in() //TODO rets test later....
	{
		$user = CUtils::get_cookie('AD_RETS_U');
		$pass = CUtils::get_cookie('AD_RETS_P');

		if (null != $user && null != $pass)
		{
			return TRUE;
		}
		else
		{
			return FALSE;
		}
	}

	/**
	 * Execute user command
	 *
	 * Validate that user is currently logged into the site,
	 * and if so, execute their command.
	 */
	private function _do_service()
	{
		if (true == $this->_is_logged_in())
		{
			$server_obj = new CServer();
			$server_obj->execute();
		}
		else //
		{
			require_once(AD_SERVER_PATH . '/templates/html/login.htm');
		}
	}
}
